LAS VEGAS (KTNV) — Change Healthcare, which is part of UnitedHealth Group, is announcing some systems could be coming back online after a national cyberattack.
In February, Change Healthcare was attacked by a group called AlphV Blackcat, a cybercriminal organization, which has targeted the computer networks of over 1,000 victims around the world. The attack impacted hospitals, health care facilities, and pharmacies across the country.
Here in Nevada, the Nevada Hospital Association said several services had been impacted including verifying health covers, disrupting claims processing, disrupting patient portals, disrupting employee health savings accounts, and the inability to report on quality management to the Centers for Medicare and Medicaid Services (CMS).
RELATED LINK: National cyberattack hits Nevada hospitals, health care facilities, pharmacies
On Wednesday, Change Healthcare said electronic prescribing is now fully functional. They added that electronic payments are expected to be live on Friday, March 15.
According to Change Healthcare, work to restore the medical claims network will begin on March 18. However, there is no anticipated date for when systems will be fully restored and functional.
On Wednesday, the U.S. Department of Health and Human Services' Office for Civil Rights announced they have officially opened an investigation into the Change Healthcare cyberattack.
"Given the unprecedented magnitude of this cyberattack, and in the best interest of patients and health care providers, OCR is initiating an investigation into this incident. OCR's investigation of Change Healthcare and UHG will focus on whether a breach of protected health information occurred and Change Healthcare's and UHG's compliance with the HIPAA Rules," a letter posted by the agency reads in part. "OCR's interest in other entities that have partnered with Change Healthcare and UHG is secondary. While OCR is not prioritizing investigations of health care providers, health plans, and business associates that were tied to or impacted by this attack, we are reminding entities that have partnered with Change Healthcare and UHG of their regulatory obligations and responsibilities."
RELATED LINK: Former FBI special agent weighs in on health care cyberattack
According to Centers for Medicare & Medicaid Services Administrator Chiquita Brooks-LaSure, the agency is working on guidance to send to states to provide "needed flexibilities" for states to support Medicaid providers and suppliers during this time.
On Wednesday, the Nevada Hospital Association states that at least six lawsuits seeking class-action status have been filed this month, related to the Change cyberattack.
"The suits allege the technology firm didn't have reasonable cybersecurity measures in place to prevent a data breach, allowing criminals to potentially expose sensitive health and other personal information," a press release states.
The NHA said the Change incident isn't the only one causing issues for Nevada's health care system.
On Wednesday, the NHA also stated Unite Here, a labor union that represents workers in the U.S. and Canada, announced a data breach that has affected their health fund members. Personal data for up to 800,000 people has potentially been exposed. That includes patient names, social security numbers, driver's licenses, tribal and alien registration status, passport information, and financial and medical information.
The NHA also stated that the Nevada branch of the Cybersecurity and Infrastructure Security Agency stated a hacking group called Dark Storm Team has announced they plan on attacking hospitals within the U.S., United Arab Emirates, and Israel. However, no specifics have been announced related to those potential attacks.
According to federal officials, ransomware and hacking are the primary cyber-threats in health care. Over the past five years, there has been a 256% increase in large breaches involving hacking and a 264% increase in ransomware. In 2023, hacking accounted for 79% of the large breaches, which affected over 134 million individuals, which is up 141% compared to 2022.
